Package org.pac4j.http.credentials.extractor

Class DigestAuthExtractor

java.lang.Object
org.pac4j.http.credentials.extractor.DigestAuthExtractor
All Implemented Interfaces:
org.pac4j.core.credentials.extractor.CredentialsExtractor
public class DigestAuthExtractor extends Object implements org.pac4j.core.credentials.extractor.CredentialsExtractor
To extract digest auth header.
Since:
1.9.0
Author:
Mircea Carasel

  • Constructor Details

    • DigestAuthExtractor

      public DigestAuthExtractor()

      Constructor for DigestAuthExtractor.

    • DigestAuthExtractor

      public DigestAuthExtractor(String headerName, String prefixHeader)

      Constructor for DigestAuthExtractor.

      Parameters:
      headerName - a String object
      prefixHeader - a String object

  • Method Details

    • extract

      public Optional<org.pac4j.core.credentials.Credentials> extract(org.pac4j.core.context.CallContext ctx)
      Extracts digest Authorization header components. As per RFC 2617 : username is the user's name in the specified realm qop is quality of protection uri is the request uri response is the client response nonce is a server-specified data string which should be uniquely generated each time a 401 response is made cnonce is the client nonce nc is the nonce count If in the Authorization header it is not specified a username and response, we throw CredentialsException because the client uses an username and a password to authenticate. response is just a MD5 encoded value based on user provided password and RFC 2617 digest authentication encoding rules
      Specified by:
      extract in interface org.pac4j.core.credentials.extractor.CredentialsExtractor